Security Service Edge

Mobile Endpoint Security Security Service Edge

Mobile Endpoint Security Security Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Security Service Edge

Security Service Edge Contents

Secure Cloud Access (CASB solution)

Configuring CLI-based Tools and Frameworks to Work with Lookout Secure Internet Access

Step 2 - Import Lookout Private CA Root and lookoutforwardproxy Certs

Secure Private Access (ZTNA solution)

Secure Internet Access (SWG solution)

Secure Email Gateway

Cloud Security Posture Management

Cloud Firewall (FWaaS solution)

Step 2 - Import Lookout Private CA Root and lookoutforwardproxy Certs

Install both certs into the Java Certificate Store for each applicable tool or framework.


Tool/framework	Windows	MacOS
Java	Run these commands to add both certs to Java cacerts. keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias lktPrivateCertRoot -file D:\LookoutPrivateCARoot.crt keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias lktFwdProxy -file D:\lookoutforwardproxy.crt	N/A
Intellij	Access File > Settings > Tools > Server Certificates > Accepted Certificates > +	MacOS requires no command line changes.
Git	Import the Root cert to the Git CLI by adding the LookoutPrivateCARoot.crt content to the end of the ca-bundle.crt file in the Git installation: <GIT_INSTALL_LOCATION > \ming w64\etc\ssl\certs\ca-bundle.crt	`sudo keytool -import -keystore cacerts -trustcacerts -alias your-alias-here -file path/to/certificate.cer Example: sudo keytool -import -keystore cacerts -trustcacerts -alias lookoutcert -file /Users/tonykelly/downloads/look outokta.net.pem Validate CLI / GitHub config git config --global http.sslCaInfo`
AWS	Import the Root cert to Aws CLI. Add the LookoutPrivateCARoot.crt file content to the end of the cacert.pem file in the AWS CLI installation location. C:\Program Files\Amazon\AWSCLIV2\awscli\b otocore\cacert.pem.	sudo keytool -import -keystore cacerts -trustcacerts -alias your-alias-here -file path/to/certificate.cer Example: `sudo keytool -import -keystore cacerts -trustcacerts -alias lookoutcert -file /Users/tonykelly/downloads/look outokta.net.cer`
Python	Find the location of the truststore. `$ python -c "import certifi;print(certifi.where ());"` C:\Python311\Lib\site-packages\certifi \cacert.pem Add the content of LookoutPrivateCARoot.crt at the end of the cacert.pem file. If you are using PIP, run this command: `python -m pip config set global.cert path/to/cacert.pem`	`sudo keytool -import -keystore cacerts -trustcacerts -alias your-alias-here -file path/to/certificate.cer` Example: `sudo keytool -import -keystore cacerts -trustcacerts -alias lookoutcert -file /Users/tonykelly/downloads/look outokta.net.cer`
Google Cloud Platform	N/A	Export certs as described in Step 1: to `~/LookoutPrivateCARoot.crt` and `~/lookoutforwardproxy.crt` Combine the certs: cat LookoutPrivateCARoot.crt lookoutforwardproxy.crt > lookoutcombined.pem Configure the GCP custom ca certs: gcloud config set core/custom_ca_certs_file ~/lookoutcombined.pem

Last updated: November 20, 2024

lookout-footer

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.